[0xCMP]

My main reason is that nft applies configs atomically. It also has very good tracing/debugging features for figuring out how and why things aren't working as expected.

That said, I think many distros are shipping `iptables` as the wrapper/compatibility layer over nft now anyways.

[znpy]

as somebody that's not a network engineer by day and has barely grokked iptables, could you recommend some resources for learning nftables ?

[0xCMP]

I used the nftables Wiki to learn all the basics I know about nft: https://wiki.nftables.org/wiki-nftables/index.php/Main_Page

Here is their example relevant to the current article: https://wiki.nftables.org/wiki-nftables/index.php/Simple_rul...